security testing
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities
In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She …
Picking an AI red teaming vendor is getting harder
Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting …
The rise of DAST 2.0 in 2025
Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to …
Microsoft plans to limit security products’ access to Windows kernel mode
Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down …
Essential metrics for effective security program assessment
In this Help Net Security interview, Alex Spivakovsky, VP of Research & Cybersecurity at Pentera, discusses essential metrics for evaluating the success of security …
CrowdStrike engages external experts, details causes of massive outage
CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around …
Learning from CrowdStrike’s quality assurance failures
CrowdStrike has released a preliminary Post Incident Review (PIR) of how the flawed Falcon Sensor update made its way to millions of Windows systems and pushed them into a …
How companies increase risk exposure with rushed LLM deployments
In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and …
Finding software flaws early in the development process provides ROI
Enterprises spend enormous effort fixing software vulnerabilities that make their way into their publicly-facing applications. The Consortium for Information and Software …
Debunking compliance myths in the digital era
Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 …
10 tips for creating your security hackathon playbook
For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These …
Featured news
Resources
Don't miss
- Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
- Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940)
- Amazon Quick authorization bypass let users reach blocked AI chat agents
- Download: The IT and security field guide to AI adoption
- JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413)